HP Laptops Flaw Allows Remote Code Execution

Hewlett-Packard laptop owners better be careful about which sites they choose to visit. A recently-discovered flaw would allow an attacker to launch a remote code execution attack if the users is lured onto a malicious web page.

According to an advisory posted on Milw0rm.com, the problem stems from the HP Info Center software that comes as a default feature on most HP notebooks. It appears that one of the ActiveX controls, namely HPInfoDLL.dll, uses three insecure methods that would allow hackers to play around with the machine and launch remote code execution and remote registry manipulation based attacks.

The computer maker has yet to offer a patch for the vulnerability, so, in the mean time, here are a couple of things to do in order to avoid an attack. The first and most easy way is to use any other browser than Internet Explorer. Microsoft’s browser is the only one vulnerable and similar attacks are reported not to work with Firefox, Opera or Safari.

“Any attack vector will always begin with a try to induce remote user owning a vulnerable machine to launch the attackers controlled WWW link. If the victim uses different browser than IE attacker will probably attempt to induce to open the malicious website from within IE. After that the attack will follow automatic and without any need of interaction with the victim.”

Another method for keeping attackers at bay, the advisory states, would be to manually setting kill-bit for a vulnerable ActiveX control will do the trick.

However, if you insist on staying with IE, then make sure you don’t click any links leading to shady websites.